How Ubiquiti Networks Is Creatively Violating the GPL 225
New submitter futuristicrabbit writes: Networking company Ubiquiti Networks violates the GPL, but not in the way you'd expect. Not only did the kernel shipped in their router firmware not correspond to the sources given, but their failure to provide the source led to a vulnerability they created being unpatched long after its disclosure. They're maintaining the appearance of compliance without actually complying with the GPL.
But... (Score:4, Funny)
Ubiquiti Networks (Score:3)
Interesting, I have been looking at their WISP stuff for awhile, and one thing I liked was they were using lots of COTS and open source software. Funny I would not want to publish my code either, as apparently it was buggy, they would have been lash wipped by Linus!
Re: (Score:3)
If you are so embarassed by your code as to not want to publish it, might I suggest you SHOULD be too embarassed to sell products based on it or otherwise distribute it in binary form.
Re: (Score:2)
Funny I would not want to publish my code either, as apparently it was buggy, they would have been lash wipped by Linus!
Linus will only rant at bad code being submitted to the kernel mailinglist for integration into the mainline kernel. If you publish code on your own website, he's not even going to look at it.
What? (Score:3)
And in what way is this not how I'd expect?
Sleazy corporation skirts around rules, film at 11.
Re:What? (Score:5, Insightful)
Another possible cause (Score:2)
My company (specifically, my department) uses and contributes to a number of open source projects. From time to time stuff gets lost in revision control and either a commit isn't upstreamed, upstream doesn't merge pull our changes right away, the patch hasn't made it to the mainline trunk or is staged for the next release.
It's not completely uncommon for me to pull from an upstream project and hit a bug I know we patched and then have to track down that patch's merge history internally (sometimes it doesn't
Re: (Score:2)
Re: (Score:2)
Note that if anyone with copyright over the kernel wins such a suit, the rights to use the kernel are lost for all time ("terminated"). And, there's no way to get those rights to use the kernel back. (Well, maybe they could
Re: (Score:2)
The problem with this "maybe it's just a mistake" line of thought is that, usually, whenever these GPL violation issues come up publicly, it's because the accusers have already contacted the alleged infringer and sought to rectify the situation, and it didn't go over well.
edgerouter.. (Score:2, Interesting)
I have the edgerouter POE, which is a fantastic piece of hardware, but it still doesn't support proper vlan tagging controls on the embedded switch ports. A feature I would add myself but the hardware isn't open enough to do it without a lot of reverse engineering.
So, this makes me wonder if they are sort of stuck between stupid hardware companies and the GPL. They may not be able to publish changes to the open source products without violating their NDAs with the manufactures of assorted chips/etc they use
Re:edgerouter.. (Score:5, Insightful)
You know, that's a self-inflicted problem, and not deserving of sympathy.
Either you run closed source stuff and write your own stuff, or you comply with the GPL.
It's a bummer if a small company got themselves into a predicament. But, nobody cares.
I know you're not defending them, but honestly if a company decided it wanted to steal someone else's code and not play by the rules of the GPL, that's their own damned problem.
From the sounds of it, they knew damned well they were not compliant.
Re: (Score:2)
I've never actually heard of any BSD derivative used in a small, embedded system. Usually the choice is between Linux (on ARM or MIPS or maybe ppc) and a proprietary RTOS like VxWorks or QNX. There's probably a reason for this.
Re: edgerouter.. (Score:2)
photocopiers often run ancient unpatched versions of BSD.
Re: (Score:2)
The reason is because the manufacturer gives you some old version of linux that they have included as their "base" reference design OS, and .. people just build on that.
It's purely inertia.
Re: (Score:2)
That doesn't sound right. If everyone were just using Linux, that would make sense, but they're not, they're also using QNX and VxWorks and some other RTOSes. Manufacturers are not giving anyone reference designs with proprietary RTOSes, so any company choosing those is doing so for a specific reason (probably they want lower resource-usage than Linux can achieve). If so many companies can do this, some would also be choosing BSD. But that doesn't seem to be happening, so I would think this is probably
Re: (Score:2)
They're violating the license agreement. That code is copyrighted, and is only provided to you under the conditions stated in the GPL license, which govern how that code is distributed, and in a nutshell requires you to make the source code available to any changes you distribute to anyone in binary form (i.e., in products you sell which use that code). If you refuse to follow the terms of that license, then you automatically have no right to use the code at all, and are now in violation of copyright. If
Re: (Score:2)
Here is what they did, with Windows replacing Linux:
They downloaded Windows 8, cracked the licensing mechanism, then redistributed the software on their own hardware. When someone pointed out to them that what they did is against the law, they ignored the request to rectify the situation.
Would this be illegal? How is it different when it is a piece of GPL software?
Re: (Score:2)
The big difference here is the DMCA, which makes it illegal to crack the licensing mechanism like this; this makes the action in your scenario a crime.
Violating the GPL is not (AFAIK) a crime, it's a tort, just like any normal copyright violation. The party harmed has to sue for damages.
Re: (Score:2)
Re: Or you write a separate process... (Score:2)
We are talking about kernel accessing hardware here.
Re: (Score:2)
I just (as in this morning) ordered a pair of radios from them for a point to point link. Can anyone recommend good competitors for ubiq's point to point radios?
Re: (Score:2)
I haven't anything at that price point. I gave half a dozen their point to point devices and they rock. I get a full 100MBs over about 800 feet. I'm very happy with them. Hope this issue with the kernel source gets sorted out. They seem like a good little company and they have good affordable hardware.
A local wireless ISP in my area uses their equipment exclusively. Works very well.
Re: (Score:2)
Re: (Score:3)
There's ways around the NDA problem: put that code in a separate place where it interfaces with GPL code, but does not require actually modifying the GPL code with anything NDA-tainted, for instance. If you can't figure out how to do that, then you really have no business working with this stuff. Or just use a proprietary OS like VxWorks.
Mod parent down (Score:2)
I feel for small companies like Ubiquiti.
So a multi-billion dollar company like Ubiquiti, which has made its CEO one of Forbes' 10 youngest billionaires, is a small company?
Re: (Score:2)
Get your razor out (Score:2)
Get your axe out (Score:4, Insightful)
Never attribute to stupidity when it's a habitual offender.
Re: (Score:2)
Habitual? Do you have links to other instances? Also, how exactly are they not complying? My understanding was that compliance in this case requires that they offer up the source code for whatever they use. If they then make changes, there is no requirement to post their changes as well.
Re:Get your axe out (Score:4, Interesting)
No, modifying the code means you have created a derivative work and need to release those code changes to anybody using it.
Which is what the license has said for at least 20 years.
There is no provision to make changes to GPL code and not release it.
If you have an application which is only ever inside your corporate firewall, it's unlikely the people in accounting will want to see the source code. But you sure as hell can't modify it, build a product around it, and then not release those changes.
Your understanding is wrong.
Re: (Score:2, Informative)
GPL requires that you provide complete source code to binaries you distribute that are derived from that source code. That includes any changes that you have made and code you have added.
So either you get a head start from the existing code and then share your changes. Or you write it all yourself. Pretty straight forward tradeoff.
Re:Get your axe out (Score:5, Informative)
The GPL is designed to avoid the "What's yours is mine and what's mine is mine" scenario where someone uses the code +their changes to always stay one step ahead of the free version and so the GPL requires that they hand over the full source with any changes they made that were used to build whatever product they shipped. If they made changes to the GPL code that were included in the shipped product, they must publish those changes. On the other hand, if they made changes they did not ship with any product(internal releases etc), they are under no obligation to release those changes.
In this case, they are not shipping all of the changes they made to their source code that was used to build their firmware so that is a clear violation of the GPL.
Re: (Score:2)
Thank you for your polite response (unlike the three above you). I was asking a question and you answered it. I unfortunately can't bring up the link in TFS, as it is blocked by the corporate firewall, so I can't see what they did.
I don't routinely deal with GPL code beyond just use, so am unfamiliar with the inner workings of the GPL.
Thank you again.
Re: (Score:2)
I'm not trying to be rude, but this isn't some kind of secret, nor some obscure "small text" in the GPL license, it's the entire reason for the GPL. If you use GPL code at all, it's good to understand the license at a very basic level; furthermore, the GPL license itself is very simple as far as licenses go, and was intentionally designed that way because it's meant for developers and users, not lawyers to argue in courtrooms for $$$/hour. It's simple: if you're given access to GPL code by its copyright o
Re: (Score:2)
My understanding was that compliance in this case requires that they offer up the source code for whatever they use. If they then make changes, there is no requirement to post their changes as well.
Your self proclaimed understanding was incredulously incorrect and shows that you did not actually have an understanding of the GPL. Playing to some niceties of politeness when you yourself are bullshitting is less than honest, sir. You asserted understanding that was false. No need to get upset when someone attempts to correct your assertion.
Have a nice day.
Re: (Score:2)
I was thinking of commenting on the copyright issues with posting the full text of the post, then got to the bottom where he actually says feel free to report my stuff :) pretty cute there.
Interesting what they are doing, it does sound much worse than what I understood from the summary. I wonder if enough attention being brought to this may help the developers in Ubiquiti to understand what they are doing to maybe fix it. I like Ubiquiti's equipment, as they make great hardware that "just works", I repla
Re: (Score:3)
Re: (Score:2)
The source is the linked article in the summary.
Re: (Score:2)
To be fair, stupid people act stupidly on a fairly regular basis.
Official build systems ... (Score:2)
Never attribute to malice that which is adequately explained by stupidity.
Raise your hands if you have ever worked somewhere where there was an official build system and most developers did not get matching binaries from their development systems.
Re:Official build systems ... (Score:5, Insightful)
Dude, this isn't binaries which have different checksums. This is binaries which don't in any way correspond to the code they provided.
This is a case of any sufficiently advanced incompetence is indistinguishable from malice.
They're either grossly inept, or knew damned well what they were doing.
Re:Official build systems ... (Score:5, Funny)
They're either grossly inept, or knew damned well what they were doing.
NB, these options are not mutually exclusive.
Re: (Score:2)
The problem with this "it's probably not malice" idea is that, usually, whenever a public GPL project complains about some company violating the GPL, they've already contacted the company through official channels, seeking to rectify the situation, because they have the exact same idea: that this is just a misunderstanding, the right hand doesn't know what the left is doing, etc. Most of the time, this is most likely the problem, and the company, after consulting with their lawyer, realizes its mistake and
Re: (Score:2)
Your theory that one employee or one team screwed up might fit if this were just a case of a single customer requesting the source and the employee or team mistakenly saying no, but that's not the case here. This has been going on for months now, with multiple contacts to the company. Even the copyright holder of uboot sent them a letter last July threatening legal action if this doesn't get resolved, and they've ignored it for 9 months now. That's far beyond a single person or team making a mistake, or
BroadBand HamNet (Score:2)
Comment removed (Score:3)
Re: (Score:2)
Your scenario would make sense if this was just a one time thing, but the issues with Ubiquiti have been going on for many months.
Re: (Score:3)
- He links to a GPL'ed project named "u-boot". He then works from the assumption that this must be the same exact software as is used by Ubiquiti, who couldn't possibly have any in-house projects named "u-boot" that would boot a Ubiquiti device. No, that's just too far-fetched. Some proof of it even being the same software would be in order. Even if there's some documentation from Ubiquiti themselves, it would be something that would at least tie them together, rather than falling into the category of "strange coincidence".
So you think they wrote their own bootloader for their router, named it the same as a well known bootloader that's used in lots of other routers, and then when people request the source (including one of u-boot' copyright holders) they wouldn't just say "it's not *that* u-boot, it's are own proprietary bootloader and we're keeping it closed"? Grasping at straws much?
Well, this just screwed the legal pooch... (Score:2)
Well, this just screwed the legal pooch... your posting pretty much kills any recovery change you hd in court.
They could easily claim:
(1) Witness tampering
(2) Jury tampering
(3) Impossibility of a fair hearing (and they get to pick the venue; how's East Texas sound?)
(4) They were attempting to remedy the issue, and this posting did irreparable harm to their business
Most likely they are just trying to hide a hard-coded signing key.
Most likely, you are just bitching because you can't run your firmware on their
Re: (Score:2)
(1) Witness tampering
(2) Jury tampering
(3) Impossibility of a fair hearing (and they get to pick the venue; how's East Texas sound?)
(4) They were attempting to remedy the issue, and this posting did irreparable harm to their business
If a single blog post were enough to make it impossible to get a fair hearing, then no one would ever get a fair hearing.
Re: (Score:2)
Isn't it possible to comply with GPL and still have the restriction on what can run on the hardware?
For example: sign the binaries and put a pre-bootloader (something small you wrote yourself (no need to open the source) put on protected memory of the CPU (no way to read or modify it)) that check the signature and either starts the bootloader (open source) or not.
Or how about a modified version of gcc (not distributed, so no need to provide the source) that inserts the key when compiling, so the source just
Re: (Score:2)
Isn't it possible to comply with GPL and still have the restriction on what can run on the hardware?
With GPLv2 code, yes; with GPLv3 code, which was supposed to close the patent and DRM "loopholes" to prevent "TIVO-ization", it's unclear; those clauses of the GPLv3 haven't been tested, mostly because as soon as something goes from GPLv2 to GPLv3, companies tend to use the older code and maintain it themselves, find an alternative, or run screaming, like Apple did with LLVM.
The code in question is GPLv2.
Re: (Score:2)
If they were doing what you suggest, why wouldn't they just release their u-boot source?
Re: (Score:2)
The bottom turtle is missing (u-boot itself is not signed and checked by the BIOS/SOC POST code... I'm sure they are working on fixing it; if not, I charge unreasonable consulting fees, and I'm available;) ... also worked with the same problem on Chrome ...).
Re: (Score:2)
They probably are just trying to hide a hard coded signing key, but that's the whole point of the GPL isn't it? That you can't get away with that kind of crap.
No, actually, that's the point of the GPLv3. GPLv2 is perfectly happy with it, and it's why vendors are happy using Linux in embedded devices.
The u-boot code is GPLv2, and it's perfectly OK to "TIVO-ize" it. It's what we did in Chrome OS, in fact. It's just that, in Chrome OS, the BIOS that loads the u-boot checks the signature block on the u-boot, too, and sends it the signature verification key to use on the kernel, and on the rest of the OS.
You're not allowed to change the boot code, and you're not al
Slashdotted (Score:4, Informative)
The linked site in TFS is suffering from (possibly slashdot-induced) overload. Here's the text from the linked page:
Four ways Ubiquiti Networks is creatively violating the GPL
Ubiquiti Networks is a company which makes long-range wireless equipment. Admittedly, you can do some pretty amazing stuff with it, but the company has a dark history of securities fraud, violation of U.S. sanctions, trademark and copyright lawsuits and software patents, which isn't as amazing.
In addition to this, they have been violating the GPL. However, because they did it creatively, most people don't know about it, and Ubiquiti still hasn't come into compliance.
Here are four ways that they have succeeded in making the violations hard to notice, and even harder to act upon.
1. Giving the appearance of compliance
'You can find the complete and corresponding source in the GPL archive.'
Ubiquiti had a website set up where you can download tarballs purportedly containing all GPL source for each and every firmware release. (I can't find it any more, but that doesn't mean that it isn't still there.) When you look through these tarballs, they appear to be complete, and there are build instructions which allow you to make your own custom firmware.
It's only when you look closer that you start to notice problems, such as...
2. Refusing to provide the source to their modified bootloader, even though they made changes that introduced security vulnerabilities
Security keys
Up until version 5.5.4 of Ubiquiti's airOS, the locally-modified u-boot bootloader contained a security issue - It was possible to extract the plain-text config from devices running the firmware, without leaving a trace. And the plain-text config contains unencrypted WPA/WPA2/RADIUS passwords.
Even worse than this security issue, was Ubiquiti's response to it. Namely, they:
Refused to provide the source code, even though u-boot is under the GPL
Didn't fix the security issue for a long time after it was publicly disclosed
To this day, Ubiquiti still has not provided the u-boot source code.
3. Providing source code to a version of Linux, just not the one that they actually ship, and hoping that nobody notices
Ubiquiti Source Ubiquiti Binaries
It would be natural to think that the binaries that Ubiquiti provides were compiled from the source code that Ubiquti provides. As it turns out, for a large number of their releases, the kernel source given does not correspond to the kernel in the official firmware images.
As evidence, consider that in version 5.5.4 of the AirMax firmware, the kernel was modified such that the MTD partitions would be read only, however this change cannot be found in the corresponding kernel patches or source.
Such practices make finding violations extremely difficult, and we can't know for certain that they haven't done this with anything else in the GPL tarball. It's possible that this was just a mistake, but remember that people have complained about this without much of a response.
And speaking of complaining...
4. Dragging out GPL code requests for months on end, then inexplicably going silent
Bureaucracy is a challenge to be conquered with a righteous attitude, a tolerance for stupidity, and a bulldozer when necessary
In case you think that I am being mean to Ubiquiti by going public, please note that I have been trying to contact Ubiquiti for the past year about the issue of the u-boot source code. You can see my attempts here, here and here.
In fact, I even got a copyright holder of u-boot to ask for the source, and they still haven't provided it.
From my conversations with Ubiquiti, I have found that they claimed that it's alright to refuse to provide source code to GPL-licensed software if "This decision was taken with the security of the users in mind". Furthermore, my conversations were endlessly delayed by the supposed necessity to forward m
Re: (Score:2)
unless and until wolfgang pursues legal action, there really isn't anything that can be done for force the company's hand. and that's part of the problem. you have big giant company doing whatever the hell they want to, trampling all over the license and rights granted by a much, much smaller entity who cannot afford to do anything about it.
Re: (Score:3)
wrong. read GPLv2 section 3:
Pera gets rich of other's backs ... (Score:5, Interesting)
Re: (Score:3)
Mikrotik appears to have its own GPL issues. And good luck getting OpenWRT to run on any of their recent devices :-(
Re: (Score:2)
Stop apologizing to a random text on the Internet. WTF is wrong with you?
Re: (Score:2)
P{erhaps he was bitten by a duck as a child. Now he's quacking up.
I'll be here all week. Try your waitress, tip the beer.
Author asks for your help by emailing (Score:5, Insightful)
If you can spare a minute, please do any or all of the following so that we can retain the GPL's power to help the community:
- Raise awareness - upvote it, send it to friends or write a blog post about it
- Write to Ubiquiti requesting the source - their email addresses are support@ubnt.com and info@ubnt.com. You should try both.
- Send me an email telling me what you've done. My email address is riley@openmailbox.org
Re: (Score:2)
The author might consider removing the "dark history" claim or risk the label of hyperbole.
... or risk the *libel* of hyperbole!
This is too bad (Score:2, Informative)
This is too bad. They are currently the only supported hardware maker for one of ham radio's more interesting projects: A self discovering/healing/organizing mesh network providing WiFi networking over dozens of miles on the portions of the WiFi spectrum available to hams. http://www.broadband-hamnet.org The project still officially supports the venerable Linksys WRT54G, but official support for this router is ending this month and it is a pretty old router. Then again, when you use Ubiquiti hardware and th
Do I gotta be the guy to ask? (Score:2)
And it was not included in the the source packages because the source is subjected to a gag order and publishing it would be showing it to the world.
Lastly, if this is true, what if this is "standard procedure" for backdoors inserted into many open-source projects, where the code presented is actually a fork of the true, backdoored code, running on lots of hardware? Or, a
Ubiquiti has form (Score:2)
As the article said "the company has a dark history of securities fraud, violation of U.S. sanctions, trademark and copyright lawsuits and software patents".
I personally discovered that their standard wifi board didn't follow the mini-pcie spec on flight mode (W_DISABLE). In fact there is no way, other than cutting power to the card, of disabling radio transmissions. Multiple inquiries on this topic were all met with stunned silence. At the time I was working for a substantial company buying boxes of car
Re: (Score:3, Funny)
I was expecting three things: fear, surprise, ruthless efficiency, and an almost fanatical devotion to the Pope.
Re:Unexpectedly expected? (Score:4, Funny)
that is four things ...
Re: (Score:2)
Probably that they were not providing the source at all, not that they were providing a fake source.
Re: (Score:2)
Re: (Score:3)
So you are saying that corporations don't trust the GPL because they do not comply with the GPL? Seems like an easy fix isn't it?
This.
It isn't the GPL that has earned distrust here. It's Ubiquiti Networks.
Re: (Score:3)
However, if GPL had been more permissive this whole incident would never have happened.
Of course it wouldn't. And Linux/U-Boot/Busybox wouldn't be as great as they currently are because corporations wouldn't have contributed back to these projects.
Re: (Score:2)
Re: (Score:2)
So you are suggesting them to use an inferior product, just so that they don't have to release their minor modifications to the Linux kernel? Remember they are hardware companies. Their profit isn't on the kernel they are shipping with their routers.
Re: (Score:3)
No, they used linux because that's what Atheros gave them as a base for the Atheros reference AP implementation.
Please don't make stuff up.
Re: (Score:2)
What's not to trust? Either you use the GPL code knowing full well the ramifications of doings so... or you Write It Yourself.
Re: (Score:2)
If "you" are a one-man shop, that's fine.
If "you" are the legal department for a company with 10,000 developers, the GPL is scary. You can either blanket-ban GPL code, and make your life easy, or create a system for separately evaluating the use of each and every piece of GPL code you allow in, plus some auditing process to catch cheaters (who check in GPL code as their own work, which happens).
Cloud services companies usually go with the latter: because you don't have to share your code if you don't distr
Re: (Score:2)
If you can't trust your developers, you have more than the GPL to worry about. If you think the cost of a GPL violation is bad, just wait and see the results of someone borrowing code claimed by a former employer (or even writing code too similar). Just ask Google where the one thing that has cost them the most pain so far, was a 9 line function that one of their programmers copied into the Android source code..
Re: (Score:2)
Legal departments already know how to deal with that (I've signed something at every new job promising I wouldn't do that, as a condition of employment), and it's obviously the wrong thing to do. Open source code is right there when you google for a solution to the problem in front of you, and it's often fine to incorporate. Quick, what license is the code you find on Stack Overflow under? OK to copy into commercial code or not?
p.s., probably not [creativecommons.org]
Re: (Score:2)
If "you" are a one-man shop, that's fine.
If "you" are the legal department for a company with 10,000 developers, the GPL is scary. You can either blanket-ban GPL code, and make your life easy, or create a system for separately evaluating the use of each and every piece of GPL code you allow in, plus some auditing process to catch cheaters (who check in GPL code as their own work, which happens).
Cloud services companies usually go with the latter: because you don't have to share your code if you don't distribute it, the payoff is good to allow use of GPL code, and police the corner cases where you do distribute code. Blanket bans on GPL code are still common at old-school software companies.
Most non-free licenses are quite scary too, but they often get a pass since they are not that open to begin with.
Re: (Score:2)
How does this disagree with the GP? Comply with the license, or pay to license something proprietary. It's not that hard.
I'm sure these guys did it on purpose, but that's not always the case. Many junior developers are simply oblivious to any concern about mixing GPL code in with their own work, and a few will cheat deliberately. Do you rely on code reviews? Do you run an auditing tool like Black Duck? In a large enough shop, you can't just make a policy and hope for the best, so the very existence of GPL code causes headaches for the legal team.
Yeah, sure, someone could copy closed source too, but that's much less likely
Re: (Score:2)
Re:And this is why corporations don't trust the GP (Score:5, Insightful)
Sorry, but what?
Nobody forced the company to use GPL stuff. Nobody forced them to build a product around it.
That they failed to comply with their obligations under the license is their own damned problem.
Use the GPL stuff, don't use the GPL stuff .. it's your choice. But if you choose to use the GPL stuff, you don't get to piss and moan that you don't want to live by the license.
Corporations aren't entitled to use GPL code and not adhere to the license. It's not a situation in which you can just decide how you'll interpret releasing the code.
These corporations which don't trust the GPL are entirely free to piss off and write their own code, or start with something like BSD which says "go ahead, do whatever you want with it".
Re: (Score:3)
This issue is why people are leaving... the GPL and going to BSD, MIT, others.
Last time I checked, WiFi routers are still full of GPLed software such as Linux, u-boot and busybox. What's the BSD or MIT alternative? The only manufacturer selling BSD-based routers I know is Apple. I don't think companies such as Linksys, Netgear or TP-Link have the resources to develop their own OS. It's either they use Linux and comply with the GPL, or pay for a proprietary alternative.
Re: (Score:2)
Plenty of higher end networking gear is BSD based, there's really no reason you couldn't use BSD for lower end gear other than your parts supplier might not have ready made drivers or images for you to modify (although even Atheros has support for current chips in FreeBSD so that appears to no longer be much of an issue).
Re: (Score:2)
Higher-end networking gear has serious CPU horsepower compared to your average Belkin or Linksys consumer-grade router, enough horsepower to rival a high-end PC probably, if not more.
How often do you see BSD used on any small embedded device with an ARM or MIPS CPU? I can't say I've ever even heard of this. It's always either Linux or something proprietary like QNX or VxWorks.
Re: (Score:2)
Plenty of higher end networking gear is BSD based, there's really no reason you couldn't use BSD for lower end gear other than your parts supplier might not have ready made drivers or images for you to modify
You pretty much nailed the problem. Board support packages (not just raw drivers) for WiFi router chips are much more available/complete/mature for Linux than for BSD.
So people are not leaving the GPL. Linux probably never had such a large share of the WiFi router market, while BSD is close to 0%.
Re: (Score:2)
the GPL and going to BSD, MIT, others.
I think you're confused about what "the issue" is.
Ubiquiti Networks modified GPL code and released binaries, and in the process, created a security problem with their product that they have yet to fix themselves. Under the GPL, they are obliged to release their modifications to the GPL code, but they refuse to do so. If they released the changes, then their customers could find and fix the problem without having to wait for Ubiquity Networks to do it.
Now, if Ubiquity Networks had used BSD or MIT code, they
Re: (Score:2, Interesting)
Yeah, we should all be using closed source shit and live hapily in laa-laa land. Or we could use BSD kind of licenses, create software for free and pay money to get closed source shit back. Wohoo!
Re: (Score:2)
Replying to undo a mod I didn't select... fuck what is it with slashdot these days.
Re:It's rape Jim, but not as we know it (Score:4, Insightful)
Hardware and software are apples and oranges. Although it would be convenient if open hardware were as easy to make as open software, it's not.
Fact is restrictive open source isnt producing innovation
I've never felt restricted by open-source software. The problem has always been closed systems, for me. Although, I suppose that the licensing issues go to the back of your mind anyhow when you've got a system that won't do what you want, and there is no way for you or anyone else but the vendor to fix it.
Re:It's rape Jim, but not as we know it (Score:5, Informative)
The GPL is rape in license form. Viral infection of the GPL sounds like an STD left behind by a rapist.
The GPL may be viral, but to correct your metaphor, the only way to catch it is via consensual intercourse with GPL source. There's no rape going on.
Re:It's rape Jim, but not as we know it (Score:5, Funny)
It can't be rape; the router has ways of shutting itself down when that happens.
Re:It's rape Jim, but not as we know it (Score:5, Informative)
Re: (Score:3)
Re:It's rape Jim, but not as we know it (Score:5, Interesting)
Yet another brand of router to avoid.
At least unless there's DD-WRT or something for the hardware, I won't buy one that isn't supported by real open-source software (even if I stick with their router SW).
DD-WRT is hardly a posterchild of open router software, they extensively use binary drivers in their releases, especially on the BCM platform.
OpenWRT is what you want as a baseline.
Re:It's rape Jim, but not as we know it (Score:5, Insightful)
Actually, their stuff is lightyears ahead of most of the 802.11 stuff you can buy for home use (as it is enterprise grade) while being in the same price range.
That however does not give them an excuse to violate the GPL and just ignore the terms of the agreement.
I hope they realize the error of their ways and fix the issue before they have to be sued into oblivion.
Re: (Score:3)
Forget to check the post anonymously box? Be careful, you might get attacked by Stallman and his followers :)